Every CVE whose affected-product data names Ui Unifi Protect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2026-55115 — CVSS 9.9 (critical): A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) in UniFi Protect…
CVE-2021-22943 — CVSS 9.6 (critical): A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network…
CVE-2026-21633 — CVSS 8.8 (high): A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery…
CVE-2021-22957 — CVSS 8.8 (high): A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor…
CVE-2026-56841 — CVSS 8.8 (high): A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi…
CVE-2026-54407 — CVSS 8.6 (high): A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to…
CVE-2026-54408 — CVSS 8.6 (high): A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to…
CVE-2021-22944 — CVSS 8.0 (high): A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to…
CVE-2026-54409 — CVSS 7.5 (high): A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in…
CVE-2026-21634 — CVSS 6.5 (medium): A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery…
CVE-2020-8213 — CVSS 5.3 (medium): An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid…